Bug lifecycle (curtis)

"Feature work" and "Quality work" require different methods of prioritization. Our lifecycle is somewhat effective at prioritizing and driving features, but not quality. (Quality can include security and performance issues as well as bugs)

smooney, who runs CrashKill, feels similarly.

"Just turn up the volume" is not a good solution, because everyone turns up the volume and all we have is noise.

We should not be fighting against engineering and engineering management!

Remind everyone that people choose Firefox based on its reputation for security and performance.

Lucas (and others) have been chatting with engineering management, and will continue for another week or two and hope a proposal comes out of it.

This could be an all-hands topic. We'll try to have a strawman proposal to present there.

This could help us with the sg:moderate backlog.

Publishing "security bug backlog" stats. Can be framed as visibility, competition, or shaming.

Google is doing this in sort of a game style (bugs must be killed), turning stuff into games seems to motivate people even more.

Long-term support

Meeting on Friday (warp core at 1pm) (organized by kevin)

Jesse is skeptical that adding a new LTS will actually help get users off of Firefox 3.6.

Jesse shared draft blog posts "Rapid releases and security" and "Preventing users from falling out of support" with the team.